<?php
class User {
   
   var $_isLogged;
   var $_userName;
   var $_userInfo;
   var $object;
   
   /**
    * Checks the POST values for logging infos
    * Starts and sets sessions value 
    * @return  bool  true if user is logged, false otherwise
    */
    function User()
    {
        //starts the session and sets default settings
        $this->object =& get_instance();      
        if ($this->object->session->userdata('username')==false) 
            $this->object->session->set_userdata('username','default');
        //gets users infos from ini file
        $this->object->config->load('users');
        $_users=$this->object->config->item('users');
        //sets class vars
        $this->_isLogged=$this->object->session->userdata('islogged');
        $this->_userName=$this->object->session->userdata('username');
        $this->_userInfo=$_users[$this->_userName];
        
        if ($this->object->input->post('username')!=false) {
            //parses post values for logging
            $username = $this->object->input->post('username');
            $password = $this->object->input->post('password');
            foreach ($_users as $_username => $_userinfo) {
                if ($username == $_username) {
                    if ($password == $_userinfo["password"]) {
                        $this->_isLogged=true;
                        $this->_userName=$_username;
                        $this->_userInfo=$_userinfo;
                    }
                }
            }
        } else if ($this->object->input->post('logout')!=false) {
            $this->_isLogged=false;
            $this->_userName='default';
            $this->_userInfo=$_users[$this->_userName];
        }
        //sets session data
        $this->object->session->set_userdata('islogged',$this->_isLogged);
        $this->object->session->set_userdata('username',$this->_userName);
        return $this->_isLogged;
    }
    
    function isLogged()
    {
        return $this->_isLogged;
    }
    
    function getUserName()
    {
        return $this->_userName;
    }
    
    
    function logout()
    {
        $this->object->session->destroy();
    }
  
   /**
    * Checks if the action request is authorized for the current user
    * @param   string  $action   action code (read,write...)
    * @param   string  $pagename 
    * @return  bool    true if authorized, false otherwise
    */    
    function isAuthorized($uri="")
    {
        $uri = ($uri=="") ? $this->object->uri->uri_string() : $uri;
        $roles=$this->object->config->item('roles');
        if (isset($roles[$this->_userInfo['role']]['not_authorized_patterns']))
	        foreach ( $roles[$this->_userInfo['role']]['not_authorized_patterns'] as $pattern) {
	            $pos=strpos($uri,$pattern);
	            if ($pos!==false and $pos==0)
	                return false;
	        }
        foreach ($roles[$this->_userInfo['role']]['authorized_patterns'] as $pattern) {
            $pos=strpos($uri,$pattern);
            if ($pos!==false and $pos==0)
                return true;
        }
        return false;
    }

}

?>